IN THE CLAIMS 



This listing of claims will replace all prior versions, and listings, of claims in the 
application: 
Listing of Claims: 

1. (Currently Amended) A method for identifying network traffic comprising: 

receiving pattern matching data; 

comparing the pattern matching data with a pattern; 

determining whether the pattern matching data matches the pattern; and 

concluding based at least in part on a determination that the pattern 
matching data matches the pattern that a network traffic with which the pattern matching 
data is associated is associated with an application protocol with which the pattern is 
associated. 

assigning a first score to a first match if the patt e rn matching data match e s 

th e patt e rn; 

comparing th e pattern matching data with a second pattern; and 

assigning a s e cond scor e to a s e cond match if th e patt e rn matching data 
match e s a s e cond patt e rn . 

2. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern matching data includes application data. 

3. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the pattern matching data matches the pattern, further including determining a property 
associated with the network traffic. 

4. (Canceled) 
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5. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the data matches the pattern, further including determining a property associated with the data 
and assigning a score for the property. 

6. (Original) A method for identifying network traffic as recited in Claim 1, in the event that 
the data matches the pattern, further including determining a property associated with the data; 
and applying a policy based on the property. 

7. (Original) A method for identifying network traffic as recited in Claim 1, further 
comprising assigning a score to a match if the pattern matching data matches the pattern. 

8. (Canceled) 

9. (Canceled) 

10. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern matching data includes a string selected from a packet. 

11. (Original) A method for identifying network traffic as recited in Claim 1, wherein pattern 
matching data includes concatenated application data of a plurality of packets. 

12. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern includes a regular expression. 

13. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern includes application protocol information. 

14. (Original) A method for identifying network traffic as recited in Claim 1, wherein the 
pattern includes commonly used port information. 

15. (Original) A method for identifying network traffic as recited in Claim 1, in the event the 
data does not match the pattern, further comprising returning a failure indicator. 
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16. (Original) A method for identifying network traffic as recited in Claim 1, wherein 
determining whether the pattern matching data matches the pattern occurs at the beginning of 
session. 

17. (Original) A method for identifying network traffic as recited in Claim 1, wherein 
comparing the pattern matching data with a pattern is performed for each received data. 

18. (Canceled) 

19. (Canceled) 

20. (Currently Amended) A system for identifying network traffic comprising: 

an interface configured to receive pattern matching data; 
a processor configured to: 

compare the pattern matching data with a pattern; 

determine whether the pattern matching data matches the pattern; 

and 

conclude based at least in part on a determination that the pattern 
matching data matches the pattern that a network traffic with which the pattern 
matching data is associated is associated with an application protocol with which 
the pattern is associated. 

assign a first scor e to a first match if th e patt e rn matching data 

match e s th e patt e rn; 

compare th e patt e rn matching data with a s e cond patt e rn; and 

assign a s e cond scor e to a s e cond match if th e patt e rn matching 
data matches a s e cond patt e rn. 
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21. (Currently Amended) A computer program product for identifying network traffic, the 
computer program product being embodied in a computer readable medium and comprising 
computer instructions for: 

receiving pattern matching data; 
comparing the pattern matching data with a pattern; and 
determining whether the pattern matching data matches the pattern; and 
concluding based at least in part on a determination that the pattern 
matching data matches the pattern that a network traffic with which the pattern matching 
data is associated is associated with an application protocol with which the pattern is 
associated. 

assigning a first scor e to a first match if th e patt e rn matching data match e s 

th e patt e rn; 

comparing th e patt e rn matching data with a s e cond pattern; and 

assigning a s e cond s cor e to a second match if the patt e rn matching data 
matches a s e cond pattern. 

22. (Canceled) 
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